Digitalisation as a narrative has increased the need for cyber security awareness during the past few years. It is important to look at the trends as these will tell us something about the immediate threats. One has to look at how the trends in cyber security compare to the threats that we could possibly face. There might also be new regulations and guidelines from government agencies like the PSA that will push the development of new technology for increased security.
How do the trends influence the industry?
These threats will also push the need for cyber security developments and for adapting to the trends in the market. The current threat picture is evolving, and hackers and others are using more advanced attack methods, for economic and market advantage but also with purposeless malicious intent. One resulting trend is that most projects now have a dedicated cyber security team and the requirements are stricter than ever, both for deliveries and for the expectations when operations takes over the systems from the projects.
The standards IEC 62443 in Norway and OG86 on the British sector are getting more specific and are used to a greater extent than before. Suppliers have to ensure compliance and show that they can deliver according to the requirements, which call for ensuring the functionality and robustness of the solutions. When the PSA is out in the field, they have a heightened focus on cyber security. The general consensus is that there is still a long way to go, and much to do, until we are where we want to be with cyber security in the industry. So, the trend is that more guidelines and regulations are being put in place, forcing the operators to ensure compliance and create measures to limit the increased threat.
Another trend is the focus on secure remote access (industrial). This involves having a dedicated system to maintain integrity and safety for the system we are accessing. This is important for 3rd parties and vendors connecting to the industrial networks at the remote plant. It is also important in centralised control rooms, where operators grant admin access to these systems and need an overview of all parties that are connecting to the plant. This trend has become increasingly important with COVID-19, where more people than ever before have been working remotely. It will probably last after the pandemic because it involves big savings, as it is a lot more expensive to send people out to an asset. By having people work remotely we will have easier access to the right resources, and it removes the need for offshore requirements and certifications.
How can we mitigate the threats?
There has been an increased focus on personal cyber security awareness and behaviours, linked to strengthening passwords and keeping software up to date, including having two-factor authentication on almost everything. Additionally, it means being aware of how to conduct yourself on industrial systems, e.g. doing a virus scan on computers and USB sticks before plugging them into the systems or taking other actions that may expose the industrial networks to outsiders.
Another trend is creating cyber security awareness by training employees on recognising phishing attacks. Some companies even create campaigns where they score employees, based on recognising and reporting the “attacks”.
In the supplier industry there is a new trend of developing products and solutions to mitigate the cyber security threats we are experiencing. An example is the development of methods for storage and safe communication. For instance, we can now get backup solutions with 10 years' retention. This makes things easier and more predictable if something were to happen. The solutions for remote and secure access are also examples of these types of products.
How will this develop in the future?
All of these trends will develop even further, but where does the responsibility lie? Is it with the specialists that create the products and facilitate things for the users? Is it with the operators and the industry? What will the trends be going forward? Will the cyber attacks and threats become more aggressive, or will we be able to keep up with the development? Will we be able to limit the possibilities of attack? Will it get better or worse long term? Will we use even more resources or fewer?
The short answer is: we don't know yet. This is why you should focus on being prepared for the worst with our guide on "How to become a master of cyber security":